feat: backend API key auth context and settings hardening (#406)

* feat: add backend api-key auth context and settings hardening * fix: harden api key token hashing
2026-03-10 06:26:20 +01:00
parent 105eb7bc0d
commit c0507c4c4b
29 changed files with 4801 additions and 875 deletions
@@ -5,7 +5,12 @@ import "@fastify/jwt";
 export interface AuthUser {
 	id: number;
 	username: string;
-	role: string;
+}
+
+export interface AuthContext {
+	method: "session" | "api_key";
+	scope: "read" | "write";
+	apiKeyId?: number;
 }

 declare module "fastify" {
@@ -22,6 +27,7 @@ declare module "fastify" {

 	interface FastifyRequest {
 		user?: AuthUser | null;
+		authContext?: AuthContext;
 		correlationId?: string;
 	}
 }